Insider Threats

This special report, based on our survey of IT security professionals and executives worldwide, analyzes malicious insider threats to businesses. Basic categories of malicious threats include accessing confidential information without authorization, disclosing confidential information, executing fraudulent transactions, and sabotage of the organization’s systems, network, or data. For each of these four categories of threat, we present data concerning the perceived seriousness of the threat and actual incidents and risks of each type. We then analyze the popularity of various methods for preventing, countering, and detecting incidents of malicious insider activity. (47 pp., 27 figs.) [Extended Description] [Research Byte]

May, 2010